白丝美女被狂躁免费视频网站,500av导航大全精品,yw.193.cnc爆乳尤物未满,97se亚洲综合色区,аⅴ天堂中文在线网官网

Systems and methods for passive key identification

專利號(hào)
US11888888B2
公開日期
2024-01-30
申請(qǐng)人
Orca Security LTD.(IL Tel Aviv)
發(fā)明人
Avi Shua
IPC分類
H04L9/08; H04L9/14; H04L67/1008; H04L9/40; H04L67/101; G06F9/455; G06F21/54; G06F21/55; G06F21/56; G06F21/78; G06F21/57; G06F9/50
技術(shù)領(lǐng)域
cloud,may,asset,scanning,or,system,workload,in,risk,storage
地域: Tel Aviv-Jaffa

摘要

A method is disclosed for accessing a primary account maintained in a cloud environment, receiving information defining a structure of the primary account, the structure including a plurality of assets, and deploying, inside the primary account or a secondary account for which trust is established with the primary account, at least one ephemeral scanner configured to scan at least one block storage volume and output metadata defining the at least one block storage volume, the output excluding raw data of the primary account. The method further comprises receiving a transmission of the metadata from the at least one ephemeral scanner, excluding raw data of the primary account, analyzing the metadata to identify cybersecurity vulnerabilities, correlating each of the cybersecurity vulnerabilities with one of the assets, and generating a report correlating the cybersecurity vulnerabilities with the assets. Systems and computer-readable media implementing the method are also disclosed.

說明書

  • wherein utilizing a scanner includes modifying a pre-utilized scanner at the location of the block storage volume based on information related to the target account to obtain a modified scanner;
  • wherein utilizing a scanner includes utilizing the modified scanner.
  • identifying assets in a cloud environment;
  • identifying risks associated with each of the identified asset;
  • identifying relationships between at least some of the identified assets, the relationships including at least one of a trust, a network connectivity, or a mechanism of network proxying;
  • receiving an identification of a specific asset under investigation;
  • performing a forward analysis of the specific asset under investigation to identify at least one possible attack vector reaching the specific asset via a network outside the cloud environment;
  • performing a backward analysis of the specific asset to identify at least one exposure risk to one or more assets that is in a downstream of the specific asset, wherein the at least one exposure risk includes an identification of an exposed asset, an entry point to the exposed asset, and a lateral movement risk associated with the exposed asset; and
  • outputting a signal to cause on a display to present a presentation of forward and backward paths associated with the specific asset, thereby enabling visualization of a plurality of entry points and lateral movement risks associated with the plurality of entry points.
  • wherein the network outside the cloud environment includes the Internet.

    • 權(quán)利要求

    1
    微信群二維碼
    意見反饋